The use of the world wide web (WWW) has become an everyday activity all over the world. Usually, web users access web content as so-called web pages by specifying a corresponding address in some kind of user terminal, such as a stationary, mobile or tablet computer or a mobile phone with corresponding web access capabilities. Conventional user terminals may feature one or more applications (software) for accessing web pages, e.g. in the form of so-called browsers. These browsers handle the request for specified web content and the content's display to and interaction with the user.
All the transactions (requests, retrieval of resources, downloads, etc.) involved with the access of one web page by a user terminal are usually referred to as belonging to one web page session. In contrast to this, the web page as such is operated by the web page owner, is stored on one or more server nodes, and can be simultaneously accessed by a plurality of user terminals (users) during a corresponding plurality of web page sessions.
Generally, web content is organized in the form of web pages that can be individually addressed and accessed by specifying their respective web addresses. One common way for addressing web pages is the definition of locations where the corresponding content is stored. The internet with its so-called internet protocol (IP) provides the related IP addresses that are intended to identify one unique storage location. Since such IP addresses are in the form of several tuples of numbers, they are difficult to memorize and are usually not suitable for everyday public use. However, there exist the concept of the so-called domain name servers (DNS) that can translate plain text addresses into their associated IP address. In this way, there is an easy means available for accessing a web page by associating its content to a plain text address, such as “www.a.com”.
The data objects related to the web content, e.g. all the text, image and multimedia files of one web page, are usually stored on one or more server node(s), which convey the related resources to the requesting terminal along one or more network nodes. Here, the latter mentioned network nodes stand for all the infrastructure that is involved for conveying the requested content from the server node to one user terminal. This infrastructure may include switching and routing nodes of local area networks (LAN), the internet, gateways and access nodes on the user's end, like ADSL nodes or mobile communication networks with their base station nodes (eNBs) and possibly also relay nodes. In general, there is usually a number of individual network nodes of one or more domains that handle the data traffic toward the user's end and thus convey the web content toward the terminal node. Likewise, the web traffic involved in conveying the web content toward the user terminals may include not only the traffic toward the user terminals but also the related request and configuration communication coming from the terminals (e.g. requesting one resource, setting up a TOP connection, etc.).
In general, the precise content of one web page may be known only to the web page owner that operates (offers) the web page by defining the contents and associated resources in the form of, for example, HTML code. Further, also the user that accesses the web page during a corresponding web page session can tell what resources and contents belong to one web page and what other resources do not. For example, the user may instruct his user terminal to load one web page, e.g. “www.a.com”, and, during the user terminal accesses all the related objects and retrieves the resources belonging to that web page, the user may also request further web content from a second web page, say “www.b.com”. In this situation, bath the user and the web page owner of “www.a.com” can tell what resources belong to web page “www.a.com” and what other resources, for example being requested and transmitted in conjunction to accessing web page “www.b.com”, do not.
However, there is a need for correlating web traffic that is extracted or intercepted between a user terminal and one or more server nodes, i.e. at a location in the network where no direct information is available on what resource belongs to what web page, to one individual web page (session). More specifically, it is desirable to correlate web traffic events to individual web page sessions even without the explicit knowledge on the web page content as such, as this information is usually available to the web site owner and/or the accessing user only. This need may in particular appear in the context of operating network systems and observing associated performance metrics of such networks for the operation as such or optimization purposes.